Cracking/Hacking Windows Passwords (UPDATED: VISTA too!!)

Instructional/Educational Purposes only.
Be nice kids.

First of all, and I have to say this because of some recent comments, this is not a virus, and will not delete any files from your computer. In fact, ophCrack, the software we're gonna use is a very popular password cracker. Google it or Wikipedia it if you don't believe me.

This works for WINDOWS ONLY
UPDATE: WORKS FOR XP AND VISTA

This will crack all windows passwords up to 14 digits on a computer.
You need physical access to the computer.
You don't need to be logged in (that's what this is for).
It will tell you all user names and passwords on the computer.

Remove these ads by Signing Up

Step 1: Get the resource

1. Go here:
http://ophcrack.sourceforge.net/download.php http://ophcrack.sourceforge.net/download.php

2. Download the latest version of ophcrack live cd. To crack passwords on an XP computer select 'ophcrack XP LiveCD'. To crack passwords on a VISTA computer select 'ophcrack VISTA LiveCD'.

3.The software you download will be a CD image (.iso format). If you try opening this on a computer with a CD-Writer and CD-Writing Software (eg. Nero, Roxio, Record Now, or whatever you have) it will write that file to a CD.
So, make the CD

Dashadower says: Jun 17, 2012. 3:53 AM

Use daemon tools for a cd making software.

AndiLea91 says: Mar 26, 2011. 10:07 PM

ok so i put the boot up menu in the right order, i went into the bios set up and changed the boot sequence to "CD/DVD/CD-RW Drive" then "Internal HDD" and i hit esc and then it went through the black linux screen and scrolled down and then went to this white screen that says "ophcrack Live CD" with 4 characters to the side and options to the right. asking for "ophcrack Graphic mode - automati, manual. low ram, and text mode." it started automatically in auto mode and then went to this black screen again and loaded a bunch of dots.

after that it went to this next screen that was all brown and had a large OS in the corner and ophcrack LiveCD along the top and this black box menu that stated. "tables found (mntsr0tablesvista_free), and "list of windows partitions containing hashes (0. mnt/s da2/windows/system32/config)(1. /mnt/s da3/windows/system32/config)", and then "select the partition to crack::" ...what did i do wrong or what am i suppose to do...i have a dell studio with windows vista please help.

Splicer02 says: Jan 28, 2011. 10:14 PM

Why is this under "Props"?

shortman says: May 8, 2008. 4:56 PM

I have tried about 7 of these instructables to go around or reset admin. password and NONE OF THEM work.

jcksparr0w says: Apr 12, 2010. 1:40 PM

ive tried at least 15 of them already and its just like you. NONE OF THEM WORK!!!!

Muscelz says: Feb 2, 2009. 8:52 AM

try this program called password-nuker, it resets your SAM file on boot

kerpaul says: Jun 18, 2008. 7:47 PM

try my instructable. you don't need any software, just an account on the computer or the computer's network. http://www.instructables.com/id/how-to-change-windows-passwords-without-logging-on/

Boom-Man says: Sep 16, 2008. 1:17 PM

i read your instructable first of all the account needs to be an administrator also it dose not work for vista i dont really like it (no offence to you what so ever)

kerpaul says: Sep 16, 2008. 5:10 PM

boom-man, the account does NOT need to be an administrator (at least not on the computers i've tried, i have no clue where you've tried) i never said it would work for vista, it says WINDOWS XP in there, just read it carefully. i really don't care that much whether you like it or not, any feedback is good feedback.

damasta says: May 24, 2008. 4:36 PM

try harder, but you're right, most of them only work when you're already admin... This will work (if bootCD isn't locked down in bios) mine will work too I haven't seen other methods on here

ian bernal says: Jan 20, 2010. 5:25 PM

hello! nice to have this tool, do you know if it works on windows 7?

nightangle says: Feb 22, 2010. 11:00 PM

no, i do not know any thing about hacking.

NetDex says: Dec 3, 2009. 2:51 PM

Technically, every anti-virus scanner I use say something like this, " Warning! Virus PSW.PSWdump has been found" or something like that.

NetDex says: Dec 3, 2009. 2:54 PM

It goes like this, PSW.PSWDump.at (Unclassified Threat)

shortman says: May 8, 2008. 11:47 AM

AVG says this is an unwanted risky file. It did not load to CD but installed on download computer. This is a bad file to try to use.

HardCoreHacker says: Oct 31, 2009. 8:54 AM

of coarse it says its risky! its a password cracker stupid

A.C.E. says: Jun 17, 2009. 5:29 PM

and you must have downloaded the executable file. if you want to burn it to a disc you need the iso.

spartan 2209 says: Oct 10, 2009. 3:22 PM

Hello again A.C.E. lol.

Lance Mt. says: Feb 12, 2010. 2:13 AM

Hello again spartan 2209....

I'm sorry, i actually have no idea who you are..

Everyone was doing it.

spartan 2209 says: Feb 19, 2010. 4:26 PM

Haha funny thing is I've seen you on other instructables many times :P

Lance Mt. says: Feb 20, 2010. 4:58 AM

Yeah i get that =D

I like this community

gamerguy13 says: Oct 30, 2009. 3:56 PM

How do you get the windows vista startup to look like that?

spartan 2209 says: Oct 10, 2009. 3:22 PM

Wow, are you forgetting the TINY detail that you have to be an administrator to download and install. Good try though.

blacjack1 says: Oct 2, 2009. 7:51 AM

I had my doubts as to if this would actually work, but my first comment turned around and bit me in the arse and i was totally amazed that it worked, but seriously it went to my head a little bit and i kinda went crazy(me and friend) at school with this. Found Head Admins PW All head teachers PW everyones, pretty cool if you ask me.

Muscelz says: Sep 19, 2008. 6:42 AM

RAINBOW FILES PEOPLE!!!!! RAINBOW FILES!!!!
look em up, make em, USE EM!!! u can crack a 14 number and letter password in aprox 2mins max

He he he he, i got 125gig of tables, i can crack nt lm passwords number/letter/symbol at a 96% hit rate :) **evil laugh** ok very serious

here are some helpful things to follow
LOOK UP
LEARN
LOOK UP SUM MORE JUST TO BE SURE
LEARN WHAT YOU NEED TO
AND USE UR KNOWLEDGE IT CAN GET YOU PLACES!!!! money tooo

knex_mepalm says: Aug 8, 2009. 3:38 AM

uselesss, my computer file is 100 letters randomly typed and now remembered by me i remember the whole thing!!!!YOu cann't crack that in less than 10 hours i bet

Muscelz says: Aug 15, 2009. 6:30 AM

i know how to generate new sam files. if cracking doesn't work. ill just replace the sam file leaving no passwords

The Miracle Man says: Sep 29, 2009. 7:17 PM

You can change the password, but you will need to know what the password was before you changed it to decrypt those files.

knex_mepalm says: Aug 15, 2009. 11:09 PM

i did a 512 - bit encryption and i made it so it is impossible to delete unless you fry the cpu or something

Muscelz says: Aug 16, 2009. 1:34 AM

haha nah it dusnt work that way, the sam file contains info about the pc including specs, keys, passwords etc etc. as long as i got the cd key i can replace the sam file. jsut gota detect specs, enter product key and its ready to go lm and ntlm encryptions don't phase me anymore.

The Miracle Man says: Sep 29, 2009. 7:31 PM

What's the character set on your NTLM tables? Character length? Does it support Unicode? If I use a 128 character length password, your 10 character length limited NTLM rainbow table will NOT crack that. If you attempt brute force, your computer will give out before you ever get it cracked.

knex_mepalm says: Aug 18, 2009. 3:42 AM

i put it into an encryption folder

Muscelz says: Aug 18, 2009. 5:25 AM

my 3.3ghz I7e 975 can smash that 512bit encyption with in a month.
i can crack: (in real time mode)
Rijndael 128-256
Tripple DES 128
DES 56
Blowfish 128
PK v2.04g

and you can delete it, a encrypted file can be deleted. it just means it cant be read with out being decrypted. from my perspective you dont know what your talking about
AES 128-256

knex_mepalm says: Aug 19, 2009. 3:14 PM

ooops i typed it wrong, i put it in a folder which has a password on and if you want to delete it you need to crack the password but if you wanna read it you gotta crack another one

Muscelz says: Aug 20, 2009. 1:25 AM

ha it doesn't work like that, all you gota do it stop that process that's running that's "protecting" that file. once process has been ended the file is open for deletion. or if that doesn't work which it will (100%) just pop in my debian flash drive and delete that suka... no way u can stop me from deleting anything or cracking it unless i don't have the algorithm or i cant identify the encryption type

The Miracle Man says: Sep 29, 2009. 7:39 PM

What if the BIOS is password protected and doesn't allow booting from external media (of course there are ways around that)? On top of that, what if the entire hard drive is encrypted, with say... TrueCrypt? Combine those two with the encryption on the folders, and I hate to say it, but the liklihood you'll succeed in our lifetime are about .001%.

The Miracle Man says: Sep 29, 2009. 6:28 PM

The deletion I'll agree with you, but would need to be done in offline mode, or with system/root level permissions. As for your comment on cracking, apparently you forgot to mention there can be no time constraints. I'll give you the benefit of the doubt, you can crack anything, but the cracking process may not finish in this century.

knex_mepalm says: Aug 20, 2009. 5:23 AM

hmmmmm. that gives me an idea, say are you good at cracking?

Muscelz says: Aug 21, 2009. 1:17 AM

yes ofcource i can, and im not decrypting for the hell of it

Muscelz says: Aug 18, 2009. 5:26 AM

oops AES 128-256 was meant to be under PK v2-04g